nixos-config/services/vikunja.nix

{ config, my, secrets, ... }:

let fqdn = "todo.${my.domain}";
in {
  sops.secrets."vikunja/env" = {
    sopsFile = ../secrets/sops/vikunja.yaml;
    restartUnits = [ "vikunja.service" ];
  };

  services.vikunja = {
    enable = true;
    frontendScheme = "https";
    frontendHostname = fqdn;
    environmentFiles = [ secrets."vikunja/env".path ];
    database.type = "sqlite";
    settings = {
      service = {
        timezone = "Europe/Vienna";
        publicurl = fqdn;
        enableregistration = false;
      };
      log.http = "off";
      files.maxsize = "64MB";
      defaultsettings.week_start = 1;
    };
  };

  services.nginx.virtualHosts.${fqdn} = let serverCfg = config.services.vikunja;
  in {
    forceSSL = true;
    useACMEHost = my.domain;
    kTLS = true;
    locations."/" = {
      proxyPass = "http://[::1]:${toString serverCfg.port}";
      proxyWebsockets = true;
      extraConfig = ''
        client_max_body_size 64M;
      '';
    };
  };
}
services: vikunja: add initial deployment Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-06-06 17:56:34 +02:00			`{ config, my, secrets, ... }:`

services: vikunja: centralize fqdn construction Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-08-17 14:58:33 +02:00			`let fqdn = "todo.${my.domain}";`
services: vikunja: add initial deployment Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-06-06 17:56:34 +02:00			`in {`
			`sops.secrets."vikunja/env" = {`
			`sopsFile = ../secrets/sops/vikunja.yaml;`
			`restartUnits = [ "vikunja.service" ];`
			`};`

			`services.vikunja = {`
			`enable = true;`
			`frontendScheme = "https";`
services: vikunja: centralize fqdn construction Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-08-17 14:58:33 +02:00			`frontendHostname = fqdn;`
services: vikunja: add initial deployment Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-06-06 17:56:34 +02:00			`environmentFiles = [ secrets."vikunja/env".path ];`
services: vikunja: move to fort Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-08-17 16:50:52 +02:00			`database.type = "sqlite";`
services: vikunja: add initial deployment Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-06-06 17:56:34 +02:00			`settings = {`
			`service = {`
			`timezone = "Europe/Vienna";`
services: vikunja: centralize fqdn construction Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-08-17 14:58:33 +02:00			`publicurl = fqdn;`
services: vikunja: add initial deployment Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-06-06 17:56:34 +02:00			`enableregistration = false;`
			`};`
			`log.http = "off";`
services: vikunja: move to fort Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-08-17 16:50:52 +02:00			`files.maxsize = "64MB";`
services: vikunja: add initial deployment Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-06-06 17:56:34 +02:00			`defaultsettings.week_start = 1;`
			`};`
			`};`

services: vikunja: move to fort Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-08-17 16:50:52 +02:00			`services.nginx.virtualHosts.${fqdn} = let serverCfg = config.services.vikunja;`
			`in {`
			`forceSSL = true;`
			`useACMEHost = my.domain;`
			`kTLS = true;`
			`locations."/" = {`
			`proxyPass = "http://[::1]:${toString serverCfg.port}";`
			`proxyWebsockets = true;`
			`extraConfig = ''`
			`client_max_body_size 64M;`
			`'';`
			`};`
services: vikunja: add initial deployment Signed-off-by: Christoph Heiss <christoph@c8h4.io> 2024-06-06 17:56:34 +02:00			`};`
			`}`